Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/gcQPzk40Zj9xmy1dIrQwrgpEVJ8.roa
File: gcQPzk40Zj9xmy1dIrQwrgpEVJ8.roa (raw, json)
Hash identifier: WKKTYVmvog3+N2KGEUCu/PBKJlZT1MbGG8Q0etSzqJM=
Subject key identifier: 81:C4:0F:CE:4E:34:66:3F:71:9B:2D:5D:22:B4:30:AE:0A:44:54:9F
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 0193BF6C3F019C705F2B6EBD3F65DECFB23C
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/gcQPzk40Zj9xmy1dIrQwrgpEVJ8.roa
Signing time: Fri 13 Dec 2024 09:49:22 +0000
ROA not before: Fri 13 Dec 2024 09:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12552
IP address blocks: 31.204.64.0/21 maxlen: 24
130.255.160.0/21 maxlen: 24
159.253.216.0/21 maxlen: 24
185.6.8.0/22 maxlen: 24
185.13.96.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bf:6c:3f:01:9c:70:5f:2b:6e:bd:3f:65:de:cf:b2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Dec 13 09:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81c40fce4e34663f719b2d5d22b430ae0a44549f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4e:73:86:33:94:bf:d1:ca:a6:51:7e:4e:a1:
38:45:b8:ae:32:96:0e:49:01:b4:36:3c:76:55:ac:
e9:3e:48:6e:42:cf:ea:eb:51:5a:b7:7d:5c:be:3d:
a8:b0:78:5a:55:bf:1e:69:c9:59:1f:b6:aa:a8:41:
77:5e:97:dc:eb:2f:25:6f:9a:0c:13:5b:42:9d:04:
a0:e7:d7:68:19:65:e8:4a:87:f9:cb:82:10:c7:d9:
7d:a0:75:c1:0c:da:49:5d:4f:7c:44:26:39:5c:0c:
e7:04:c4:bc:e1:6b:f5:a3:09:9d:68:8f:3c:df:06:
28:48:da:03:8a:f2:cb:fe:bf:74:36:1a:3b:19:18:
0e:c0:e7:aa:68:84:f5:e2:8d:e3:9f:dd:70:9d:5f:
c6:fe:80:59:f5:49:6c:01:c8:14:12:18:f3:cf:b4:
b9:c5:e8:2a:a1:7d:0c:44:77:00:77:72:16:69:47:
47:87:bd:ef:72:3c:a2:e9:cc:8d:cb:d8:72:e7:11:
04:3c:e0:b5:fb:88:06:c7:88:d8:2f:0d:e4:b2:dd:
a6:0c:f6:5f:f6:8c:f8:b4:e3:cb:53:d2:9b:b8:d6:
4c:3a:10:ba:bb:89:6a:02:50:2c:3c:9d:04:df:83:
a8:2a:5d:e2:48:04:b5:63:68:4a:e5:0b:80:35:31:
05:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C4:0F:CE:4E:34:66:3F:71:9B:2D:5D:22:B4:30:AE:0A:44:54:9F
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/gcQPzk40Zj9xmy1dIrQwrgpEVJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.64.0/21
130.255.160.0/21
159.253.216.0/21
185.6.8.0/22
185.13.96.0/22
Signature Algorithm: sha256WithRSAEncryption
d2:f9:84:73:19:87:9e:09:8e:78:6c:7f:0e:b7:f1:c4:47:a6:
51:de:19:0f:cc:22:42:26:20:a0:e5:20:a3:28:4f:34:59:40:
80:0f:f5:0b:5b:89:0a:d6:62:da:d4:a8:1e:5b:f0:7d:a9:48:
be:1d:f9:ce:e7:09:0c:5b:bf:f8:9c:7b:a7:ab:17:a3:63:17:
45:e2:59:21:62:d2:58:d7:f0:32:ba:e2:b4:8e:58:74:3f:10:
60:bd:78:f3:60:c5:08:b6:12:b4:8e:71:29:6f:a6:e7:f6:9b:
fe:a0:1b:14:8c:20:35:cc:9c:74:0b:c0:e0:d1:10:37:fb:f4:
17:e0:8a:8c:bd:6f:5a:8f:4b:38:6b:cc:4f:9f:a4:f0:d8:aa:
39:ef:d3:c1:2d:67:1a:03:39:03:14:2f:e1:16:3e:29:42:62:
c3:0c:51:2a:a4:d9:52:bb:47:f6:2c:41:4e:86:4e:03:d5:eb:
ca:4f:7a:d1:71:b5:ea:c4:3c:18:d9:9c:06:01:ad:74:0b:71:
4f:8a:8a:61:be:7f:fe:e4:64:8d:ad:4d:08:4b:a3:25:9c:72:
2a:c0:81:65:eb:c0:a8:fa:18:2f:5e:4b:cb:90:20:27:80:6c:
e0:43:86:68:86:89:c5:c0:4f:31:39:e6:ad:73:68:67:2b:55:
2a:32:37:bd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZO/bD8BnHBfK269P2Xez7I8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjQxMjEzMDk0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWM0MGZjZTRlMzQ2NjNmNzE5YjJkNWQyMmI0MzBhZTBhNDQ1NDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlk5zhjOUv9HKplF+TqE4RbiuMpYO
SQG0Njx2VazpPkhuQs/q61Fat31cvj2osHhaVb8eaclZH7aqqEF3Xpfc6y8lb5oM
E1tCnQSg59doGWXoSof5y4IQx9l9oHXBDNpJXU98RCY5XAznBMS84Wv1owmdaI88
3wYoSNoDivLL/r90Nho7GRgOwOeqaIT14o3jn91wnV/G/oBZ9UlsAcgUEhjzz7S5
xegqoX0MRHcAd3IWaUdHh73vcjyi6cyNy9hy5xEEPOC1+4gGx4jYLw3kst2mDPZf
9oz4tOPLU9KbuNZMOhC6u4lqAlAsPJ0E34OoKl3iSAS1Y2hK5QuANTEF5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIHED85ONGY/cZstXSK0MK4KRFSfMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvZ2NRUHprNDBaajl4bXkxZElyUXdyZ3BFVko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDH8xAAwQD
gv+gAwQDn/3YAwQCuQYIAwQCuQ1gMA0GCSqGSIb3DQEBCwUAA4IBAQDS+YRzGYee
CY54bH8Ot/HER6ZR3hkPzCJCJiCg5SCjKE80WUCAD/ULW4kK1mLa1KgeW/B9qUi+
HfnO5wkMW7/4nHunqxejYxdF4lkhYtJY1/AyuuK0jlh0PxBgvXjzYMUIthK0jnEp
b6bn9pv+oBsUjCA1zJx0C8Dg0RA3+/QX4IqMvW9aj0s4a8xPn6Tw2Ko579PBLWca
AzkDFC/hFj4pQmLDDFEqpNlSu0f2LEFOhk4D1evKT3rRcbXqxDwY2ZwGAa10C3FP
iophvn/+5GSNrU0IS6MlnHIqwIFl68Co+hgvXkvLkCAngGzgQ4ZohonFwE8xOeat
c2hnK1UqMje9
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:51 2025 by rpki-client